[ALSA-2021:0618] Important: stunnel security update
Type:
security
Severity:
important
Release date:
2021-02-22
Description:
Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection (encrypted using SSL or TLS) or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fix(es): * stunnel: client certificate not correctly verified when redirect and verifyChain options are used (CVE-2021-20230) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 stunnel-5.56-5.el8_3.aarch64.rpm 6eaea66353dc6f84761790f750ddfd9f0bb97076f8a213f00fffd3c2a9e24987
ppc64le stunnel-5.56-5.el8_3.ppc64le.rpm 73fe4042513e319e51050c417a1ca9f18e975eff8b399785d8677d44f1107d55
x86_64 stunnel-5.56-5.el8_3.x86_64.rpm 295addea8fd6fe24287019dc5df1c8f7447bb1ea70ece97d3d90593a60d729b1
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.